Move the implication of MBEDTLS_PSA_CRYPTO_CLIENT where it belongs

If MBEDTLS_PSA_CRYPTO_C is enabled, we always enable MBEDTLS_PSA_CRYPTO_CLIENT, since the client-side functions are part of the full PSA crypto feature set. Historically, we didn't have a good place for configuration modification, so we did this early in the crypto.h include tree. Since Mbed TLS 3.0, we have mbedtls/build_info.h for that. Addresses https://github.com/Mbed-TLS/mbedtls/issues/7144 . Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-02-20 21:39:54 +00:00 · 2023-02-22 22:20:24 +01:00 · 2023-02-22 22:20:24 +01:00 · 95c915201e
commit 95c915201e
parent 361b5f992f
2 changed files with 7 additions and 7 deletions
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@ -80,6 +80,13 @@
 #include MBEDTLS_USER_CONFIG_FILE
 #endif

+/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
+ * is defined as well to include all PSA code.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#define MBEDTLS_PSA_CRYPTO_CLIENT
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
 /* The PK wrappers need pk_write functions to format RSA key objects
 * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO,
 * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext().
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@ -44,13 +44,6 @@
 #include "crypto_platform.h"
 #endif

-/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
- * is defined as well to include all PSA code.
- */
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-#define MBEDTLS_PSA_CRYPTO_CLIENT
-#endif /* MBEDTLS_PSA_CRYPTO_C */
-
 #include <stdint.h>

 /** \defgroup error Error codes